Blogs

Events

Stories

Attention: RHN Hosted will reach the end of its service life on July 31, 2017.
Customers will be required to migrate existing systems to Red Hat Subscription Management prior to this date.
Learn more here

Details

Updated vdsm packages that fix one security issue and various bugs are nowavailable.

The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available from the CVE link inthe References section.

A flaw was found in the way unexpected fields in guestInfo dictionarieswere processed. A privileged guest user could potentially use this flaw tomake the host the guest is running on unavailable to the managementserver. (CVE-2013-0167)

The CVE-2013-0167 issue was discovered by Dan Kenigsberg of the Red HatEnterprise Virtualization team.

This update also fixes various bugs. Refer to the Technical Notes forinformation about these changes: